embOS-MPU

embOS-MPU uses the hardware's memory protection unit as well as additional software mechanisms implemented with embOS-MPU to prevent one task from affecting the entirety of the system. This guarantees that even in case a bug occurs in one task, all other tasks and the operating system itself continue execution.

emCrypt

emLib

Internet of Things

Secure, connected, embedded devices build with SEGGER solutions

Software IP components from SEGGER such as emSSL, emSSH, emSecure Crypto libraries, HTTP Web server, and embOS/IP to name a few, can be used as foundations for your securely, connected IoT device. Our software works on any MCU.

Flasher ST7

Flasher ATE

Flasher ATE is an in-circuit-programmer for high volume mass production. The interfaces to start and monitor the programming tasks have been designed with the implementer of the production system in mind.

Memory Footprint

How Much ROM Will emSSL Use?

That will depend entirely on the features that you select and the choices you make for the underlying implementation. Our hash functions and block ciphers are configurable to tune RAM, ROM, and performance to customer needs. You can choose a fast implementation and burn flash with precomputed lookup tables, or a lean implementation and run a little slower, using less RAM and ROM.

Minimal configuration*

17 kByte

emSSL with the smallest single cipher suite, RSA_WITH_RC4_128_SHA, and TLS protocol version 1.2, used in an embOS/IP Webserver application.

Default configuration*

19 kByte

emSSL with one single cipher suite, RSA_WITH_AES_128_CBC_SHA, and TLS protocol version 1.2, used in an embOS/IP Webserver application.All current major web browsers can establish a HTTPS connection to the server with this cipher suite.

Full configuration*

43 kByte

emSSL with all supported all cipher suites, all prime elliptic curves, TLS 1.0, TLS 1.1, and TLS 1.2, used in an embOS/IP Webserver application.

*Tested with SEGGER Embedded Studio, Cortex-M4, compiler optimizations for size. The values do not include the server certificates, which add another ~1.5 kByte per certificate.

Following components are required in order to use RSA_WITH_AES_128_CBC_SHA and TLS 1.2:

Cipher

AES128 CBC

Signature verification

RSA

Signature algorithm

SHA with RSA

Pseudorandom function (PRF)

SHA256

Message authentication code (MAC)

SHA1, SHA256

How Much RAM Will emSSL Use?

Again, this depends upon the cipher suites and how many simultaneous TLS connections you make.

The overall static RAM requirement of TLS is 0 KB - there is none, it's of the order of tens of bytes. When you create a connection, the amount of RAM required spikes during TLS negotiation because keys need to be exchanged, certificates parsed, and so on.

We also cannot control the record-layer packets sent by the server and, in this case, it wholly depends upon the server -- if the server cannot support the TLS record fragmentation extension. The smallest case is one DES-RC4 cipher suite, a single connection, which is currently in the range of 1.5 kBytes.

What we have done is tune emSSL such that it uses very little memory. We know it's going to be used in resource-constrained controllers. We know every byte is precious and we are working on trimming things even further.